<?php // Start with output buffering

ob_start();

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
      <head>
	<title>Login</title>
	<link rel="shortcut icon" href="favicon.ico" type="image/x-icon" />
	
	<meta http-equiv="content-type" content="application/xhtml+xml; charset=utf-8" />
	<meta name="author" content="Dylan J. Sather" />
	<meta name="revised" content= <?php

	/* This script checks the date_modified file to give the date at which a file on the 
	   map was last modified, thus giving us the date at which the map was last revised */

	$date_file = "/home/satherdy/map_files/login_date_modified";
	$fh = fopen($date_file, 'r');
	$date = fread($fh, filesize($date_file));
	$date = trim($date);
	fclose($fh);
	print "\"Dylan J. Sather, $date\" />";

	?>

	<meta name="description" content="Grinnell College Campus Lab Map" />
	<meta name="keywords"
		content="Grinnell College, TC Corps, Technology Consultant,
			Computer lab, Map, Dylan J. Sather" />
	<meta http-equiv="Content-Style-Type" content="text/css" />
	<meta http-equiv="Content-Script-Type" content="text/javascript" />
	<link rel="stylesheet" type="text/css" href="css/labmap.css" />
      </head>	   

<body>

<?php // login.php -- allows authorized users to login to the system

// Check to see if the form has been submitted first.
if (isset($_POST['submit'])) {

	// Now, check to see if the user submitted any information
	if ( (!empty($_POST['username'])) && (!empty($_POST['password'])) ) {
	
		// Finally, check to see if the username and password submitted match those on file
		if ( ($_POST['username'] == 'helpdesk') && ($_POST['password'] == 'helpdesk') ) {

			// And if everything is cool... set a cookie and redirect the user to the index page
			setcookie('login', 'successful', time()+3600); // The cookie expires after one hour
			header ('Location: http://tcdb.grinnell.edu/map');
		}

		else {
			// Display the login form

			print "<h2>You entered the wrong username and password. Please try again</h2>\n";

			print "<form action=\"login.php\" method=\"post\">
				<p>Username: <input type=\"text\" name=\"username\" size=\"20\" /> <br />
	  			   Password: <input type=\"password\" name=\"password\" size=\"20\" /> <br />
	   			<input type=\"submit\" name=\"submit\" value=\"Log In\" /></p></form>\n";
		}
	}

	else { // User did not enter either a username or password

		// Display the login form
		print "<h2>You need to enter both a username and a password. Please try again</h2>\n";

		print "<form action=\"login.php\" method=\"post\">
			<p>Username: <input type=\"text\" name=\"username\" size=\"20\" /> <br />
	 		   Password: <input type=\"password\" name=\"password\" size=\"20\" /> <br />
	   		<input type=\"submit\" name=\"submit\" value=\"Log In\" /></p></form>\n";
	}
}

else { // Either the username or password did not match those on file

	// Display the login form
	print "<h2>Your login attempt has failed. Please try again</h2>\n";

	print "<form action=\"login.php\" method=\"post\">
		<p>Username: <input type=\"text\" name=\"username\" size=\"20\" /> <br />
		   Password: <input type=\"password\" name=\"password\" size=\"20\" /> <br />
	  	 <input type=\"submit\" name=\"submit\" value=\"Log In\" /></p></form>\n";
}

?>

</body>

</html>

<?php // End by flushing output

ob_end_flush();

?>
